Posted by timothy on Thursday March 18, 2010 @01:43PM from the is-clamav-no-longer-good? dept.

Techman83 writes "After years of changing between AVG Free + Avast, it's coming time to find a new free alternative for friends/relatives who run Windows. AVG and Avast have been quite good, but are starting to bloat out in size, and also becoming very misleading. Avast recently auto updated from 4.8 to 5 and now requires you to register (even for the free version) and both are making it harder to actually find the free version. Is this the end of reasonable free antivirus, or is there another product I can entrust to keep the 'my computer's doing weird things' calls to a minimum?"

I still use Avast. Oh noes, it took me 2 minutes to fill out the little form. It takes up few resources, it has updates for it nearly every day, it's free as in beer, and I have gotten a virus in ages. What's not to like?

Try Comodo [comodo.com]. I have tried AVG, AntiVir, Avast, and MSE, and out of all of them I've found Comodo to be the best when it comes to resources, lack of irritation, and catching nasties. And if you are worried about PC usage? I'm typing this on a 1.8GHz Sempron I use as a netbox, and Comodo is using 0% CPU and just 12Mb of RAM ATM, and that is with both Comodo AV and Firewall.

What I've found the best about it is that you can have it both ways. If you just want to install it and walk away that's fine, as its defaults are sensible without anything needing to be touched. On the other hand if you are the type that wants to tweak every setting or get really fine grained on the firewall, well it supports that as well. It really is a nice AV that doesn't bug the shit out of you with popups like many do.

It'll take it around 3 days to learn your routine, after that you may get a popup once a week when you do something unexpected or an app suddenly tries to call home. It is so quiet I even leave it running while gaming and it doesn't bother me or slow things down. I really can't say enough good things about it, and it sucks that nobody ever seems to bring it up on the big review sites. I have some relatives that can pick up more viruses than a Bangkok whore and Comodo has kept them squeaky clean, and that's saying something!

I used Avast 4.8 for about a month. Then they upgraded to 5.0. Didn't care about the registration, but everything else just irked me to no end. On the other hand, MSE has every advantage you listed, plus no registration, and the updates are gathered through Windows Update, so you don't have yet another service updating itself.

I'll second the plug for MS Security Essentials. My current machine came with a three year subscription to McAfee. It was basically "free to me" - but it was utter crap. It wanted me to reboot about once a week to install something (at one point they even emailed everyone registered with a "we're sorry" note because it went through 2 weeks of a reboot every day). I removed it in favor of another "free to me" version - Symantec. That one was because our work license has provisions for home use. It was better than McAfee in that it didn't ever ask for a reboot, but as people know it slows your machine down more than it should. As soon as MS Security Essentials shipped, I dumped that "free to me" Symantec and have never looked back. My wife, both kids, and my machine are all running MSE. I even signed up for the perpetual beta so I am testing the newest version on the machine I am typing this on. I really wouldn't even bother with any other one at this point.

I think it was a CNET comparison I read of 19 products. Microsoft Security Essentials was something like 2nd out of 19 products in detection, it was the only free product at the top, and it has the smallest footprint out of all 19 tested.

You'd be hard pressed to argue there is a better free product right now.

I don't know what the author's problem is. With Avast the first time you install it you don't have to register, eventually you'll have to register, but that is not for a few months. After that you will have to re-register something like every 6 or 9 months. Hell, it's not like you even have to give them valid information.

I was helping a doctor clean out his family computer when he asked how does one contract a computer virus.
I respond by visiting the seedier parts of the internet looking for cheap thrills and free software/porn.
In a flash of understanding he responds, 'Oh, just like real diseases.'

I then proceeded to show him where to obtain free porn without needing to visit the sites that were infecting his computer.

Well, I can say it alerted me to one attempted drive-by trojan install, isolated the file, and deleted it, all before I did anything to react to the initial notice. First time I've gotten any sort of notice not related to tracking cookies in a few years.

FWIW, I don't install AV on my main windows machine. If I do see something suspicious I upload it to: http://www.virustotal.com/ [virustotal.com]

So far I don't think my machine has been infected before. If my machine ever gets zombied, I'd probably notice since 1) I have a crappy internet connection, 2) I'd eventually notice the network traffic on the gateway machine - which is not windows.

My favorite "security threat" found on my PC once was in a keygen. I think it was AVG that "identified" it as "harmful" due to being a keygen. The extended details said that the "threat" to my PC was that it would allow unauthorized use of software. Oooh, scary!
Also, VirusTotal is awesome.

Admittedly, keygens are probably among the most likely software to contain a trojan or something. However, that sort of hand-hacked code does quite often throw up false positives. I've quite often found AVG complaining about cygwin executables or scene demos (Which usually have convoluted compressed executables, probably similar to trojans)

It's the compression algorithms that often get used in demos that cause the problem. Compression is great obfuscation on the actual payload, but the problem is that the compression algorithm is an easy to target signature.

One of our clients got a new SBS 2008 box along with an antivirus suite. While MSE is damn good (and free), Forefront, OTOH, we feel is crap from deployment, management and reporting. It does share the same defs that MSE uses, so protection should be good in theory.

We've tried most of the major brands first-hand across many different networks. Of all of them, both my co-workers and I think Trend Micro Worry-Free Business Security is the best. It blocks spam at the Exchange server level, and stops drive-by

At work (a university) the central IT has chosen to license Sophos. It is, well, crap to put it mildly and takes up amazing amounts of resources. So, instead we use Security Essentials on many systems. Works well, it has successfully stopped viruses that users have tried to get. Pretty light on resources over all, not the lightest weight program I've seen but up there.

Best one for free I've seen. Personally ESET NOD32 is my favourite and what I license for home, but if the price requirement is $0, then MSE is what I use.

I'm so glad you told us what you were running there at the end! I was reading along and I was like "His GIRLFRIEND'S PC?!?!?!?! What about HIS PC?!?!" And then you told me you run OSX and I was like, sweet dude. Sweet.

It's also the whole monopoly thing. They got into big trouble for bundling a free browser into windows. Because, I mean, what OS actually comes with a browser? (Of course things were a little different in 1995.)

It's also the whole monopoly thing. They got into big trouble for bundling a free browser into windows. Because, I mean, what OS actually comes with a browser? (Of course things were a little different in 1995.)

In 1995, the two main alternatives to Windows - OS/2 and MacOS - both came with browsers.

If you are running Windows, you are already implicitly agreeing to trust MS, so why not trust their AV program? It's free and integrates unobtrusively into your system. It seems like the most sensible free choice.

I respectfully disagree with your notion that Kaspersky is better than MSE. I had Kaspersky's basic anti-virus for 2 years before MSE came out, and it was a terrible resource hog. And not just during scans; the actual real-time protection would increase the time to open a video file from ~2 seconds after double-clicking to ~15 seconds.

Additionally, when it detects a suspicious file, the program issues the most gut-wrenching squealing noise I've ever heard. And it does this by default; you have to go into settings to disable the noise.

I should think "friends/relatives who run Windows" would be exactly the type to appreciate the convenience of a low-impact reliable AV package, which means they may have to pay a few bucks. It's fine to play FOS yourself or with trivial office or audio stuff, and I do it myself. But I still give ESET a few shekels/year for each windows PC in my house. It just makes sense to me.

I used to get my parents to buy Norton for their home PC and remote support them. But if the year's subscription was up they wouldn't have the latest protection until I was around to do the upgrade.

I eventually went free as Norton started causing more problems than it was supposed to solve. Originally I rolled out AVG but that too had yearly requirements to upgrade. I switched all the family members I support a few months ago to the microsoft solution and "it just works", having the definitions and program updates rolled into the windows update has saved a lot of hassle. It being low resource usage is also a major plus. Everyone is happy.

...I wish 3rd party software would integrate into the windows update system, it would save a lot of bother (and pop-ups, nag screens and update checking tasks loaded at startup).

http://www.clamwin.com/ Although it is missing an on access scan, I am not sure if that is a plus or a minus

I could live without an on-access scan (tell your download manager to scan downloaded files), but Clamwin is completely unusable, IMHO, because it uses up much more system memory, and takes 4X as long to scan compared to the more common Free AVs.

If you want real, free antivirus, go with MoonSecure (v2.x), which is GPL, does on-access scanning, and uses the ClamAV database. It does (momentarily) use up a lot of memory, and slow down the system, but only when first starting up, or updating definitions. Other than that, it's no more of a dog than any other free AV. Free for commercial purposes, likely to have definitions available forever, etc.

Clam sentinel is a program that detects file system changes and automatically scans the files added or modified using ClamWin. Requires the installation of ClamWin. For Microsoft Windows 98/98SE/Me/2000/XP/Vista/Windows 7. http://sourceforge.net/projects/clamsentinel/ [sourceforge.net]

Avira Anti-vir.
It is good, fully functioned with updates, custom scheduled scans and on access scanning. The only thing you have to deal with is a daily ad that you can dismiss by hitting OK and it won't pop up for another 24 hours.
Also it uses up half the resources of AVG, McAfee, Norton.

Avira's pop-up can easily be blocked, unless you run a Home version of Windows, which IIRC requires a Safe Mode boot and some mumbo-jumbo. On more functional versions of Windows you can easily disallow the execution of avnotify.exe and you're done.

That being said, I've heard good things about Panda antivirus-in-a-cloud as well as Avast! - along with Avira, they would be my top three of free antivirus programs to install on my family members' computers.

Obviously you've never actually used Avast. You've always had to register for the free version, and renew the registration once a year. They're giving it away for free, I honestly don't see registering as a big deal.

And the new version is actually a lot better, it finally detects rootkits... If you're looking for something that actually does its job and yet doesn't take up any space or processing power, I doubt you'll find anything...

If you're gonna pay for your operating system, and then complain about free antiviruses, you might want to consider changing to linux...

Comodo has always had a wonderful firewall, and lately I have been thinking of trying their AV for my less than tech savvy relatives on windows. Avast has bothered me lately with their voice updates, though generally I still like Avast. AVG is the only one I think is not so good.

I don't think he was talking about the database size, but the fact that both AVG and Avast (I use both) have moved to highly customized skinned UIs and have completely removed any native UI components and include useless junk that slows your system (eg safesearch/linkscanner) in their installers that makes "Custom install" the only practical method

I've been trying this out on my home computers so far and it's definitely less resource intensive than previous AV solutions I've used. I haven't gotten infected with anything lately (that I know of) so I don't know how well it handles infections yet.

Actual web page is here [cloudantivirus.com] and you can read up on it a bit here [wikipedia.org].

The French are scandalised by the idea that an estimated six to nine per cent of the revenues paid by its police ministry for Panda's Global Virus Insurance might have gone into the coffers of the Church, which was founded by L Ron Hubbard.

There are quite a few options actually. I'll list them in order of effectiveness.

1. BSD or Linux. You won't get hit by viruses or any crap like that, unless you're enough of a moron to run everything as root and go out of your way to make the system open. Unfortunately neither option will run 100% of your Windows software.

3. Comodo antivirus; http://personalfirewall.comodo.com/free-download.html [comodo.com] I have been trying it on various workstations and have found it to be reasonably good. Less effective than the above options! ;) Seriously though it's pretty good. It's not antispyware though, and it doesn't slow the system to a crawl like some other programs. That should be a non-issue. If not, then why are you running MSIE after you've been warned for years? ;)

4. Microsoft Security Essentials: Microsoft actually did a very good job with this basic suite. It's not bloated at all, is straight and to the point, and catches some spyware even malwarebytes misses. It's good now, but then again, Microsoft has dropped the ball with every antivirus and antispyware software they have installed to date.

5. You could try Norton Internet Security. I understand they've completely rearchitected it and brought over NO legacy code and are not bloated so you might want to try it, but I haven't looked at the Norton suite since the 2003 version that turned their antivirus into a failed abortion.

I was using Moon Secure on various systems for a while: it's free, open source, etc. but it has not been updated in forever and is rapidly becoming less and less effective, plus it has quite a few defects including making the Windows logon process EXTREMELY slow on some configurations.

Seriously, no antivirus. But then, I only use Windows occasionally to play games. I'm surprised I only had one (1) virus problem over the last 5 years in Windows, which I fixed thanks to a targeted tool. Apart from that, I practice Safe Computing, and that appears to have kept me out of trouble.

However, for all that I know, my windows system may be part of a few botnets that don't cause me any problems :\

On my family's computers... I forced Ubuntu upon those I could, and left the others to fend for themselv

Microsoft Security Essentials. It's really the only choice imo. All the others are trying to sell you something. Now, if you're willing to pay, there are perhaps better choices. The most important thing to remember is to not take it too awful seriously. All AV sucks, badly. It's reactive and it only detects a small percentage of the naughty things. It's the only option, but it sucks. MSSE is good.

Why would you be more insecure under Windows than you'd be doing the same thing under OS X or Linux? Sure, the greater market share of Windows leads to more effort being put into creating malware for it, and that presumably increases the overall risk slightly. But that's a minor point. In general terms, used properly, a Windows system running without an antivirus package is adequately secure.

The problem is that Windows users tend to have terrible security hygiene. They turn security features off, never update, and click the dancing bunnies [codinghorror.com]. That's a separate, social issue. Never try to apply a technical solution to a social problem.

These days, the Windows security model is pretty good; you can attach a security descriptor to practically any kernel object, and the NT kernel has supported ACLs since day one. Slashdot needs to stop living in 1999. We're not talking about Windows 98. You can't crash a machine by pinging it, and it doesn't blue screen every day. Hell, you can even keep it up longer than 49.7 days!

Bashing Windows today for the faults of the system a decade ago just makes you look ridiculous. It's like bashing Linux for not having hardware hot-plugging, or bashing Macs for not having preemptive multitasking. It's ludicrous. You want to bash Microsoft for pervasive DRM? Fine. You want to bash them for outrageous market segmentation? You want to bash them for their traditional embrace-extend-extinguish approach to standards? Fine. Want to bash them for still not having a real package manager in the OS? Fine. Those are all still issues. But security and robustness aren't.

I use AVG's free edition for on-access scanning, just for a little extra protection, because I am generally able to avoid getting infected with anything. (Even if something does slip by me, I can often track it down through a service it installs, entry in startup lists, or running processes.)
If I'm downloading something that has a big potential for being a virus (e.g. a no-CD crack), I'll scan it manually with AVG, and also upload it to a scanning service like virusscan.jotti.org [jotti.org] or virustotal.com [virustotal.com], which take a file and put it through a number of anti-virus products.

Naturally, AVG has also been making it harder to find the free edition. They, of course, want you to buy the full AVG Internet Security package. (To find AVG Free, you have to go to free.avg.com [avg.com], and look for the less-flashy, more hidden buttons.)

Between my job, some side work and friends and family I manage close to 70 Windows machines. I have been doing IT since 1992.

When I am asked this question my answer is always this. None. I think antivirus is more trouble than it is worth. First any new viruses will be undetected, second the pain of actually running anti virus outweighs any marginal benefit received from it.

Of course this answer immediately creates a follow up question... Well then what do you do?

The best way to protect yourself is to run as NON - ADMIN. That's it. A coworker recently got a virus and I simply logged in as admin and ran a free online virus scan. It found his problem and removed it.

Between my job, some side work and friends and family I manage close to 70 Windows machines. I have been doing IT since 1992.

Congrats, welcome to being a Junior Systems Administrator.

When I am asked this question my answer is always this. None. I think antivirus is more trouble than it is worth. First any new viruses will be undetected, second the pain of actually running anti virus outweighs any marginal benefit received from it.

The crimeware industry is collectively thanking you for spreading your fantastic and totally bogus advice. Running a Windows box sans AV might be fine for you because you're so smart and have never found a rootkit on your machine, but I suspect your motivation for telling your less aware friends to use no AV whatsoever on a Windows machine is so you can generate some more side work. News Flash: Running a non-admin account will not even slow down so

Microsoft Security Essentials [microsoft.com] is all you need for non-enterprise A/V. It's free, it's unobtrusive and it works very well. What's more, commercial AV vendors, like Symantec, realise what a threat it is to their business model and have published a lot of FUD about you get what you pay for - however all the benchmarks I've seen have it ranking up there with the best of them.

The only reason to go for a commercial AV package is if you need a management and reporting console to manage a large number of computers.

Avast has always required a registration key, and is now easier than ever to do-- you just click the button from within the program and it does it.

As for good free AV, there's Avira, Avast, and MSSE, all of which are decent. More to the point, antivirus is the LEAST important thing you can do for friends and family-- FIRST, install firefox, update IE, uninstall Adobe Reader, and install foxit. This will prevent 100x more viruses than any AV will.

The best thing is to drop all this and let your system's natural immunity develop. Overprescription of AV software just encourages the growth of AV resistant viruses. Basic hygiene is still important, so wash your computer and all peripherals daily with warm soapy water. That will eliminate 99.9% of all viruses. Also data.

It's analogous to chain mail armor; it's effective against old weapons like broadswords and crap, but completely useless against guns. Today's malware are the equivalent of heavy artillery and most antivirus software is akin to chain mail or even leather armor.

Or, to put it in a car analogy: many antivirus programs would be like wiping a coat of mineral oil ("baby oil") on your unpainted/freshly sandblasted car, and then driving your car through the winter in New England where they salt the roads very heavi

Anti-virus may not protect against the 'heavy artillery' style attacks, but it does protect against the millions of older ones. Naturally, just like the Marine Corps can't protect people directly from shelling, it can protect them against some of the small arms fire, random bits of flying debris, and (most importantly) help keep them in contact with their command structure.

Running a computer with no AV exposes you not just to massive malware, it exposes you to everythin

Just because you can't be 100% safe with any given product is no reason to abandon it entirely.

I recently reinstalled Windows, and while I've historically used Avast, I opted to go with nothing this time around. I'm tired of resource usage and slower load times for everything thanks to antivirus; I've moved my e-mail to Google Apps, so they scan my e-mails for viruses. My use of Bittorrent is extremely limited (I only have it installed because Star Trek Online's installer is available via torrent), and I never visit the seedier side of the internet. I'm behind a firewall.

Basically I'm not going to get a virus, so I see no reason to run anti-virus software. Rather than "Can't be 100% safe, may as well not use it", my reasoning is "I'm already 99.99999% safe, so why bother".

(Yes, I know it's still technically possible to get a virus. But the chances are extremely slim, given the way I use my computer.)

I used to think this way as well. Although, I had a virus scanner installed for scanning downloads, I did not have it actively scanning. Turns out my thinking was as flawed as yours. The problem is that with one vulnerability in your web browser or a browser plugin, malicious code can be executed and that code may run a bunch of detectable viruses. This exact problem happened to me when I was surfing the internet checking out some information on a game I was interested in. Randomly out of nowhere my compute

I've recently had to reinstall Windows at home as well. This time I'm trying out Windows 7's XP Mode. Since it hides the Desktop and integrates the app (in this case Firefox with NoScript) to Windows 7 other than a few seconds extra to start the app it seems to work decent enough. Reminds me a lot of Parallels on my Mac.

Inside the VM I have the AV, Anti Spyware, and Firewall running. But when I shut down the browser the system isn't bogged down with such crap. Takes up more resources while the browser

just like the Marine Corps can't protect people directly from shelling, it can protect them against some of the small arms fire, random bits of flying debris

Another effective way not to be shelled, shot, or hit by debris is to stay out of war zones. This is one of the ways in which suburban dwellers can justify not wearing body armor (except those living in Gary Indiana). Similarly, I choose not to use a virus scanner either because I find it cumbersome, and a poor performance to safety ratio.

It's nice to at least get an alert "Hi, program XYZ is attempting to send emails
Is that nice? I find that when my computer constantly questions me about what I am trying to do, I can become annoyed. For instance, I much prefer my Debian based systems that don't generate a pop-up every time one of my programs tries to make an incoming tcp port live.

You should still wear pants even though they don't stop bullets

I guess it's your turn to make an unsuitable analogy (perhaps the emoticon indicates you were doing so purposefully, I can't tell). Not all people should wear pants. Those who should wear them do so because (a) it's cold, (b) social pressures encourage modesty in some venues, or (c) local laws or dress codes sometimes require them. None of those has to do with safety. Virus checkers, unlike pants, don't really have any upsides beyond the supposed safety factors - don't pretend that any AV software is nearly as versatile as a comfortable pair of jeans.

That is why I would recommend to TFA that he install Comodo [comodo.com] as so far the detection rate has been excellent. It's free, doesn't suck up resources (currently using a whole 10Mb) has a MUCH better firewall than the one built into Windows, is easy for noobs to use, in short it "just works".

So if he wants something simple, easy, and free, with a really good detection rate and no bloat, I'd go with Comodo. I've even given it to my most clueless family members and so far nobody has had a bit of trouble understa

Actually, thanks for the posting because you've put the seed of an idea into my head.

I'm a Linux & security consultant at my place of work & therefore get a lot of freedom in running what I want to on my laptop. I've been using OpenOffice (on Linux and XP) at home for a while now, I finally managed to ditch Office 2003, specifically Outlook, when I recently got rid of the last phone dependant on ActiveSync and Outlook for synching contacts.

The standard at work is XP and Office 2003, having messed about with Thunderbird & Sunbird recently, I'm pretty sure I can manage on those for email & calendaring at work

Then either you don't use calendaring very heavy and have been using Outlook as a mere email client. I develop plugins for email clients. I freaking HATE Outlook in just about every conceivable way. If I was a sales person or a manager who gets stuck with lots of meetings and high email traffic, Outlook would be my preferred ema

Reinterpretation of "buy a mac or use linux" mantra every time someone asks for Windows related advice in all too familiar car terminology:

Windows user: I have this $non-descript-japanese-model hatchback and....
Pundit: Scrap that shit, get a Mercedes!
WU: Well, it's just this noise...
Pundit: Mercedes! Japanese cars are shit!
WU: I can't afford that - anyway I was saying...
Pundit: Then you have to go for a tank!
WU: A tank? WTF? Is this a car service?
Pundit: Or F22 fighter jet. It will happen sooner or later, sonny boy, your car is a piece of shit, it will fall apart any day. Why delay the inevitable? Switch to proven quality!
WU: Uh... ok, I'll go with it. How do I drive a tank? How do I even get the fucking tank?
Pundit: It's free! You just have to join the military and pass the training and you're good to go!
WU: Can I drive it to work?
Pundit: Not really but who cares! It's rock solid!
WU: ...